You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2015/03/11 12:05:10 UTC
git commit: updated refs/heads/master to 40f343f
Repository: cloudstack
Updated Branches:
refs/heads/master 182d770f9 -> 40f343ff4
api: avoid sending sensitive data in api response
- UI: use post when updating user
- S3: don't send s3 key in the response
- VPN: don't send preshared key in remoteaccessvpn api response
- Snapshot response should set zone id not volume's device id
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
(cherry picked from commit 02cadc3fb3fae7f5e8c87b7fafb977fb5eeae6eb)
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/40f343ff
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/40f343ff
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/40f343ff
Branch: refs/heads/master
Commit: 40f343ff4cd2d21549b77285e9c9bf3d9f9a5858
Parents: 182d770
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Wed Mar 11 16:30:20 2015 +0530
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Wed Mar 11 16:34:56 2015 +0530
----------------------------------------------------------------------
.../cloudstack/api/response/RemoteAccessVpnResponse.java | 8 --------
server/src/com/cloud/api/ApiResponseHelper.java | 3 +--
.../src/com/cloud/api/query/dao/ImageStoreJoinDaoImpl.java | 6 ++++--
ui/scripts/installWizard.js | 1 +
4 files changed, 6 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/40f343ff/api/src/org/apache/cloudstack/api/response/RemoteAccessVpnResponse.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/response/RemoteAccessVpnResponse.java b/api/src/org/apache/cloudstack/api/response/RemoteAccessVpnResponse.java
index 28d788b..60a45b6 100644
--- a/api/src/org/apache/cloudstack/api/response/RemoteAccessVpnResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/RemoteAccessVpnResponse.java
@@ -41,10 +41,6 @@ public class RemoteAccessVpnResponse extends BaseResponse implements ControlledE
@Param(description = "the range of ips to allocate to the clients")
private String ipRange;
- @SerializedName("presharedkey")
- @Param(description = "the ipsec preshared key")
- private String presharedKey;
-
@SerializedName(ApiConstants.ACCOUNT)
@Param(description = "the account of the remote access vpn")
private String accountName;
@@ -85,10 +81,6 @@ public class RemoteAccessVpnResponse extends BaseResponse implements ControlledE
this.ipRange = ipRange;
}
- public void setPresharedKey(String presharedKey) {
- this.presharedKey = presharedKey;
- }
-
@Override
public void setAccountName(String accountName) {
this.accountName = accountName;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/40f343ff/server/src/com/cloud/api/ApiResponseHelper.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java
index f9a65c8..275a2b8 100644
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@ -472,7 +472,7 @@ public class ApiResponseHelper implements ResponseGenerator {
snapshotResponse.setVolumeId(volume.getUuid());
snapshotResponse.setVolumeName(volume.getName());
snapshotResponse.setVolumeType(volume.getVolumeType().name());
- DataCenter zone = ApiDBUtils.findZoneById(volume.getDeviceId());
+ DataCenter zone = ApiDBUtils.findZoneById(volume.getDataCenterId());
if (zone != null) {
snapshotResponse.setZoneId(zone.getUuid());
}
@@ -1352,7 +1352,6 @@ public class ApiResponseHelper implements ResponseGenerator {
vpnResponse.setPublicIp(ip.getAddress().addr());
}
vpnResponse.setIpRange(vpn.getIpRange());
- vpnResponse.setPresharedKey(vpn.getIpsecPresharedKey());
populateOwner(vpnResponse, vpn);
vpnResponse.setState(vpn.getState().toString());
vpnResponse.setId(vpn.getUuid());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/40f343ff/server/src/com/cloud/api/query/dao/ImageStoreJoinDaoImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/dao/ImageStoreJoinDaoImpl.java b/server/src/com/cloud/api/query/dao/ImageStoreJoinDaoImpl.java
index f1f873c..6e9c148 100644
--- a/server/src/com/cloud/api/query/dao/ImageStoreJoinDaoImpl.java
+++ b/server/src/com/cloud/api/query/dao/ImageStoreJoinDaoImpl.java
@@ -84,7 +84,8 @@ public class ImageStoreJoinDaoImpl extends GenericDaoBase<ImageStoreJoinVO, Long
if ( detailName != null && detailName.length() > 0 && !detailName.equals(ApiConstants.PASSWORD)) {
String detailValue = ids.getDetailValue();
if (detailName.equals(ApiConstants.KEY) || detailName.equals(ApiConstants.S3_SECRET_KEY)) {
- detailValue = DBEncryptionUtil.decrypt(detailValue);
+ // ALWAYS return an empty value for the S3 secret key since that key is managed by Amazon and not CloudStack
+ detailValue = "";
}
ImageStoreDetailResponse osdResponse = new ImageStoreDetailResponse(detailName, detailValue);
osResponse.addDetail(osdResponse);
@@ -99,7 +100,8 @@ public class ImageStoreJoinDaoImpl extends GenericDaoBase<ImageStoreJoinVO, Long
if ( detailName != null && detailName.length() > 0 && !detailName.equals(ApiConstants.PASSWORD)) {
String detailValue = ids.getDetailValue();
if (detailName.equals(ApiConstants.KEY) || detailName.equals(ApiConstants.S3_SECRET_KEY)) {
- detailValue = DBEncryptionUtil.decrypt(detailValue);
+ // ALWAYS return an empty value for the S3 secret key since that key is managed by Amazon and not CloudStack
+ detailValue = "";
}
ImageStoreDetailResponse osdResponse = new ImageStoreDetailResponse(detailName, detailValue);
response.addDetail(osdResponse);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/40f343ff/ui/scripts/installWizard.js
----------------------------------------------------------------------
diff --git a/ui/scripts/installWizard.js b/ui/scripts/installWizard.js
index e6d840a..9d7c23d 100644
--- a/ui/scripts/installWizard.js
+++ b/ui/scripts/installWizard.js
@@ -37,6 +37,7 @@
id: cloudStack.context.users[0].userid,
password: md5Hashed ? $.md5(args.data.password) : args.data.password
},
+ type: 'POST',
dataType: 'json',
async: true,
success: function(data) {